Software products (such as computer programs) can be perfectly reproduced in an infinite number of copies. This is a major concern for publishers of the products wishing to protect their intellectual property rights; indeed, the publishers typically receive a royalty for a licensed use of each product, so that any unaccounted use or distribution of the product results in unpaid royalties. The problem has been exacerbated in the last years by the widespread diffusion of the Internet, which further facilitates the uncontrolled distribution of this kind of products.
The most straightforward way of avoiding unaccounted usage of the products is that of preventing unauthorized copying and transmission. For example, some products embed control code that limits the number of copies that can be made or disables operation of the products after a predetermined period of time has lapsed. Another technique consists of requiring possession of a software or hardware key for running the products. A different solution consists of modifying each product to include a call to a licensing management system. Every time the product is started, a corresponding request is transferred to the licensing management system. The licensing management system verifies whether the usage of the product is authorized. If the result of the verification is positive, the product can continue its execution; otherwise, the product is forced to stop.
However, the technique described above requires each product to be modified by the publisher, so that they are not of general applicability. In addition, the solutions known in the art are quite rigid and cannot be readily adapted to different requirements.
A different approach is based on the use of a software catalogue. The software catalogue lists all the known products to be metered; each product is identified by one or more executable modules indicative of its running. In this case, a licensing agent working in the background detects the executable modules that have been launched; the licensing agent then identifies the corresponding products through the software catalogue.
For this purpose, the licensing agent periodically collects a list of the executable modules that are currently running. For each executable module, if the corresponding product is not authorized the licensing agent may kill the respective process (so as to stop execution of the product), and may make the product unable to start again. Alternatively, as described in WO-A-03038570, the licensing agent detects any new process that is started in response to the request of execution of a product (for example, using a kernel hooking technique). The process is suspended and an authorization to run the product is verified. If the authorization is granted, the process is resumed so as to enable the product to start. Conversely, the process is aborted thereby preventing execution of the product; this avoids killing the product while it is performing potentially risky operations.
A problem of the techniques based on the software catalogue is that different versions of the same product are typically based on executable modules with an identical name. A solution commonly used for allowing the licensing agent to identify the actual version of the product being running is that of defining the executable modules in the software catalogue by means of their name and size.
However, this technique is not completely satisfactory. Indeed, when two or more versions of a product share the same executable module the licensing agent is unable to identify the correct version of the product that is running.
Moreover, in the solution known in the art the licensing agent cannot discriminate different configurations of the products. A typical scenario consists of a product that is available either as a stand-alone program or within a software suite (of course, with substantially different prices). In this case, whenever the licensing agent detects the launch of the corresponding executable module it cannot determine whether the authorization to run the stand-alone program or the authorization to run the software suite is required.
An additional drawback arises when fix packs or patches are applied to the products. This operation typically changes the sizes of the corresponding executable modules. Therefore, the software catalogue must be updated accordingly (in order to allow the licensing agent to continue working correctly). However, the maintenance of the software catalogue is very inefficient and time consuming (especially when the operation must be repeated on multiple computers). The above-mentioned drawback is particular acute in high-dynamic environments, wherein fix packs and patches are routinely distributed.